
[Crash/Fuzzing] "TypeError: Cannot read property 'toString' of undefined" when parsing ENR string #56

Closed
pventuzelo opened this issue May 19, 2020 · 3 comments · Fixed by #61

pventuzelo commented May 19, 2020

Describe the bug

During fuzzing with beaconfuzz, I found this TypeError crash inside the enr library when parsing an invalid enr string.

Expected behavior

Should throw an Error since this string is invalid.

Steps to Reproduce

crash_TypeError_tostring_undef_enr_lodestar.js:

```javascript
var discv5 = require("@chainsafe/discv5");

// fuzzer input, hex-encoded: decodes to a string that starts with "enr:" but whose body is not valid base64url
var buf = Buffer.from('656e723a2d435972595a62404b574342526c4179357a7a61445a584a42476b636e68344d486342465a6e75584e467264764a6a5830346a527a6a7a', 'hex').toString()

discv5.ENR.decodeTxt(buf); // crashes with TypeError instead of throwing a validation Error
```

Run:

```text
$ npm i @chainsafe/discv5

$ node crash_TypeError_tostring_undef_enr_lodestar.js
/home/scop/node_modules/@chainsafe/discv5/lib/enr/enr.js:76
        return this.get("id").toString("utf8");
                             ^

TypeError: Cannot read property 'toString' of undefined
    at Map.get id [as id] (/home/scop/node_modules/@chainsafe/discv5/lib/enr/enr.js:76:30)
    at Map.verify (/home/scop/node_modules/@chainsafe/discv5/lib/enr/enr.js:187:22)
    at Function.decodeFromValues (/home/scop/node_modules/@chainsafe/discv5/lib/enr/enr.js:55:18)
    at Function.decode (/home/scop/node_modules/@chainsafe/discv5/lib/enr/enr.js:62:20)
    at Function.decodeTxt (/home/scop/node_modules/@chainsafe/discv5/lib/enr/enr.js:68:20)
    at Object.<anonymous> (XXX/crash_TypeError_tostring_undef_enr_lodestar.js:5:12)
    at Module._compile (internal/modules/cjs/loader.js:936:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:947:10)
    at Module.load (internal/modules/cjs/loader.js:790:32)
    at Function.Module._load (internal/modules/cjs/loader.js:703:12)
```


pventuzelo changed the title from "[Crash/Fuzzing] TypeError "encoded.startsWith is not a function" when parsing ENR string" to "[Crash/Fuzzing] "TypeError: Cannot read property 'toString' of undefined" when parsing ENR string" on May 19, 2020
pventuzelo (Author)

EDIT: I've updated this issue; the testing sample and error were not the right ones.


pventuzelo commented May 19, 2020

Additional information: this string is rejected by zcli with an illegal base64 data error.


twoeths commented Jun 24, 2020

After the fix, it should throw Error "Invalid record id".
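Added example, not code from @chainsafe/discv5 or from anyone in this thread: a strict decodeTxt front-end that makes both the fuzzer input from the report and a record with no `id` key fail with ordinary Errors, matching the zcli rejection ("illegal base64 data") and the post-fix behaviour described above ("Invalid record id"). It assumes the EIP-778 text format ("enr:" plus unpadded base64url of RLP([signature, seq, k1, v1, k2, v2, ...])) and carries its own minimal RLP codec; the sample records, the dummy signature and all function names are constructed for this example, and no signature is verified.

```javascript
// Added example (not @chainsafe/discv5 code). Assumed wire format, per EIP-778:
// "enr:" + unpadded base64url( RLP([signature, seq, k1, v1, k2, v2, ...]) ).
const ENR_PREFIX = "enr:";
const BASE64URL_RE = /^[A-Za-z0-9_-]+$/; // unpadded base64url alphabet only

// Fuzzer input from the issue report (hex-encoded there); body contains '@'.
const CRASH_INPUT = Buffer.from(
  "656e723a2d435972595a62404b574342526c4179357a7a61445a584a42476b636e68344d486342465a6e75584e467264764a6a5830346a527a6a7a",
  "hex").toString();

// --- minimal RLP codec: byte strings and lists only ---
function rlpEncodeLength(len, offset) {
  if (len < 56) return Buffer.from([offset + len]);
  const hex = len.toString(16);
  const lenBytes = Buffer.from(hex.length % 2 ? "0" + hex : hex, "hex");
  return Buffer.concat([Buffer.from([offset + 55 + lenBytes.length]), lenBytes]);
}

function rlpEncode(item) {
  if (Array.isArray(item)) {
    const body = Buffer.concat(item.map(rlpEncode));
    return Buffer.concat([rlpEncodeLength(body.length, 0xc0), body]);
  }
  const bytes = Buffer.isBuffer(item) ? item : Buffer.from(item, "utf8");
  if (bytes.length === 1 && bytes[0] < 0x80) return bytes;
  return Buffer.concat([rlpEncodeLength(bytes.length, 0x80), bytes]);
}

function rlpReadLength(buf, pos, lenOfLen) {
  if (pos + lenOfLen > buf.length) throw new Error("RLP: truncated length prefix");
  let len = 0;
  for (let i = 0; i < lenOfLen; i++) len = len * 256 + buf[pos + i];
  return len;
}

// Returns [item, nextPos]; every declared length is bounds-checked against the input.
function rlpDecodeAt(buf, pos) {
  if (pos >= buf.length) throw new Error("RLP: unexpected end of input");
  const b = buf[pos];
  let start, len, isList;
  if (b < 0x80) return [buf.subarray(pos, pos + 1), pos + 1];
  if (b < 0xb8) { start = pos + 1; len = b - 0x80; isList = false; }
  else if (b < 0xc0) { const ll = b - 0xb7; len = rlpReadLength(buf, pos + 1, ll); start = pos + 1 + ll; isList = false; }
  else if (b < 0xf8) { start = pos + 1; len = b - 0xc0; isList = true; }
  else { const ll = b - 0xf7; len = rlpReadLength(buf, pos + 1, ll); start = pos + 1 + ll; isList = true; }
  const end = start + len;
  if (end > buf.length) throw new Error("RLP: payload exceeds input");
  if (!isList) return [buf.subarray(start, end), end];
  const items = [];
  for (let p = start; p < end;) {
    const [item, next] = rlpDecodeAt(buf, p);
    if (next > end) throw new Error("RLP: list item exceeds its list");
    items.push(item);
    p = next;
  }
  return [items, end];
}

function rlpDecode(buf) {
  const [item, end] = rlpDecodeAt(buf, 0);
  if (end !== buf.length) throw new Error("RLP: trailing bytes");
  return item;
}

// Structural checks on the decoded list. Signature verification is out of scope here.
function decodeRecord(rlpBytes) {
  const values = rlpDecode(rlpBytes);
  if (!Array.isArray(values) || values.length < 2 || values.length % 2 !== 0) {
    throw new Error("Invalid record shape: expected [signature, seq, (key, value)*]");
  }
  const [signature, seq, ...pairs] = values;
  if (Array.isArray(signature) || Array.isArray(seq)) throw new Error("signature and seq must be byte strings");
  const record = new Map();
  let prevKey = null;
  for (let i = 0; i < pairs.length; i += 2) {
    if (Array.isArray(pairs[i])) throw new Error("Record key must be a byte string");
    const key = pairs[i].toString("utf8");
    if (prevKey !== null && key <= prevKey) throw new Error("Record keys must be sorted and unique");
    record.set(key, pairs[i + 1]);
    prevKey = key;
  }
  // The check the reported crash lacked: confirm "id" exists before dereferencing it.
  const id = record.get("id");
  if (id === undefined || Array.isArray(id) || id.toString("utf8") !== "v4") {
    throw new Error("Invalid record id");
  }
  return { signature, seq, record };
}

function decodeTxt(encoded) {
  if (typeof encoded !== "string" || !encoded.startsWith(ENR_PREFIX)) {
    throw new Error("string encoded ENR must start with 'enr:'");
  }
  const body = encoded.slice(ENR_PREFIX.length);
  // Buffer.from(body, "base64") silently drops characters outside the alphabet,
  // so validate first instead of letting the '@' in the fuzzer input vanish.
  if (!BASE64URL_RE.test(body)) throw new Error("illegal base64 data");
  return decodeRecord(Buffer.from(body, "base64"));
}

function encodeTxt(values) {
  const b64 = rlpEncode(values).toString("base64");
  return ENR_PREFIX + b64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// Constructed samples: dummy 64-byte signature, no real key material.
const SIG = Buffer.alloc(64, 1);
const SEQ = Buffer.from([1]);
const NO_ID_RECORD = encodeTxt([SIG, SEQ, "foo", "bar"]);
const VALID_RECORD = encodeTxt([SIG, SEQ, "id", "v4", "ip", Buffer.from([127, 0, 0, 1])]);

// Error message thrown for an input, or null when it decodes cleanly.
function decodeErrorMessage(encoded) {
  try { decodeTxt(encoded); return null; } catch (e) { return e.message; }
}

if (typeof require !== "undefined" && require.main === module) {
  for (const input of [CRASH_INPUT, NO_ID_RECORD, VALID_RECORD]) {
    console.log(decodeErrorMessage(input) || "decoded ok");
  }
}
```

The ordering of the checks is the point: the alphabet check runs before base64 decoding because Node's base64 decoder is lenient, and the `id` presence check runs before `.toString()` so a missing key is a validation Error rather than a TypeError.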
